[Git][security-tracker-team/security-tracker][master] 4 commits: mark CVE-2021-31879 as postponed for Stretch

Sat, 22 May 2021 04:03:23 -0700 


Thorsten Alteholz pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
842e764f by Thorsten Alteholz at 2021-05-22T13:02:46+02:00
mark CVE-2021-31879 as postponed for Stretch

- - - - -
9719dd61 by Thorsten Alteholz at 2021-05-22T13:02:47+02:00
mark CVE-2020-15522 as no-dsa for Stretch

- - - - -
8ca1c79f by Thorsten Alteholz at 2021-05-22T13:02:48+02:00
mark CVE-2021-21419 as not-affected for Stretch

- - - - -
dc893f40 by Thorsten Alteholz at 2021-05-22T13:02:49+02:00
mark CVE-2021-21419 as not-affected for Buster

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3641,6 +3641,7 @@ CVE-2021-31880
        RESERVED
 CVE-2021-31879 (GNU Wget through 1.21.1 does not omit the Authorization header 
upon a  ...)
        - wget <unfixed> (bug #988209)
+       [stretch] - wget <postponed> (Minor issue; can be fixed in next update)
        NOTE: https://mail.gnu.org/archive/html/bug-wget/2021-02/msg00002.html
 CVE-2021-31878
        RESERVED
@@ -29313,6 +29314,8 @@ CVE-2021-21420 (vscode-stripe is an extension for 
Visual Studio Code. A vulnerab
        NOT-FOR-US: vscode-stripe Visual Studio Code extension
 CVE-2021-21419 (Eventlet is a concurrent networking library for Python. A 
websocket pe ...)
        - python-eventlet 0.26.1-7 (bug #988342)
+       [buster] - python-eventlet <not-affected> (Vulnerable code (compression 
extension) introduced later)
+       [stretch] - python-eventlet <not-affected> (Vulnerable code 
(compression extension) introduced later)
        NOTE: 
https://github.com/eventlet/eventlet/security/advisories/GHSA-9p9m-jm8w-94p2
        NOTE: Fixed by: 
https://github.com/eventlet/eventlet/commit/1412f5e4125b4313f815778a1acb4d3336efcd07
 CVE-2021-21418 (ps_emailsubscription is a newsletter subscription module for 
the Prest ...)
@@ -70755,6 +70758,7 @@ CVE-2020-15523 (In Python 3.6 through 3.6.10, 3.7 
through 3.7.8, 3.8 through 3.8
        - python2.7 <not-affected> (Python on Windows)
 CVE-2020-15522 (Bouncy Castle BC Java before 1.66, BC C# .NET before 1.8.7, 
BC-FJA bef ...)
        - bouncycastle 1.68-1
+       [stretch] - bouncycastle <no-dsa> (Minor issue)
        NOTE: https://github.com/bcgit/bc-java/wiki/CVE-2020-15522
 CVE-2020-15521 (Zoho ManageEngine Applications Manager before 14 build 14730 
has no pr ...)
        NOT-FOR-US: Zoho



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/e3afc37683784966394df66466f2eae009273fe7...dc893f404583c840bf069f9f02c4a67e369ed524

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/e3afc37683784966394df66466f2eae009273fe7...dc893f404583c840bf069f9f02c4a67e369ed524
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to